b2c-slas-auth-patterns
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation and code snippets reference connections to official Salesforce Commerce Cloud API endpoints (api.commercecloud.salesforce.com) for authentication flows and retrieving JSON Web Key Sets (JWKS).
- [DATA_EXFILTRATION]: The skill provides comprehensive guidance on managing sensitive authentication materials such as JWT access tokens, refresh tokens, and One-Time Passwords (OTPs). It explicitly advises against exposing client secrets in front-end code and suggests secure storage mechanisms like httpOnly cookies.
- [SAFE]: All authentication, session management, and token handling patterns provided are standard for the Salesforce Commerce Cloud platform and utilize well-known libraries such as jose and the official Salesforce Commerce SDKs.
Audit Metadata